From cbc5c6605ff4019e5dea8357ec18f51cf4f7adb4 Mon Sep 17 00:00:00 2001 From: Yuval Avrahami <39744677+yuvalavra@users.noreply.github.com> Date: Wed, 5 Oct 2022 14:26:23 +0300 Subject: [PATCH] Update policies.md --- docs/policies.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/policies.md b/docs/policies.md index 1cf3658..4bbd928 100644 --- a/docs/policies.md +++ b/docs/policies.md @@ -6,7 +6,7 @@ Policies are [Rego](https://www.openpolicyagent.org/docs/latest/policy-language/ - **Groups**: Groups that violate the policy based on their permissions. - **Combined**: Nodes that violate the policy based on the union of their permissions and the permissions of the service accounts they host. -The policy library at [lib](./lib) includes ~20 policies that identify identities that possess risky permissions, each detecting a different attack path. +The [policy library](./lib) includes ~20 policies that alert on identities possessing risky permissions, each detecting a different attack path. ## Writing Custom Policies Policies are written in Rego, and receive input in the schema produced by `rbac-police collect`, as defined in [collect.md](./collect.md). Policies should define a `describe` rule, at least one violation type they produce, alongside one or two evaluators. Below is the [nodes_proxy](../lib/nodes_proxy.rego) policy, for example.
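Review bot: "alert on identities possessing risky permissions" in the rewritten line suggests the policies themselves raise alerts, whereas the surrounding text describes policies that produce violations (Nodes, Groups, Combined) from `rbac-police collect` output; "flag identities" or "report identities" would match that terminology better. The approximate "~20 policies" is also carried over unchanged; stating the exact count of policies in `./lib` (or dropping the number and letting the link speak) avoids the figure drifting as policies are added.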